Vulnerability Details CVE-2002-1215
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.129
EPSS Ranking 93.6%
CVSS Severity
CVSS v2 Score 10.0
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
- http://linux-ha.org/security/sec01.txt
- http://www.debian.org/security/2002/dsa-174
- http://www.iss.net/security_center/static/10357.php
- http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html
- http://www.securityfocus.com/bid/5955
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
- http://linux-ha.org/security/sec01.txt
- http://www.debian.org/security/2002/dsa-174
- http://www.iss.net/security_center/static/10357.php
- http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html
- http://www.securityfocus.com/bid/5955